Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems
In 2021, a team of researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data...
News
Update now! Apple patches another actively used zero-day
Apple has released patches for iOS 15.3, iPadOS 15.3, and macOS Monterey 12.2 and is urging users to update. The...
Let’s Encrypt to revoke “mis-issued” certificates
If you use a Let’s Encrypt SSL/TLS certificate, you may wish to check your account over the coming days. Revocation...
Puerto Rico was hit by a major cyberattack
Puerto Rico’s Senate announced that is was it by a cyberattack that shut down its internet provider, phone system and...
North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks
North Korea-linked Lazarus APT group uses Windows Update client to deliver malware on Windows systems. North Korea-linked Lazarus APT started...
Popular apps left biometric data, IDs of millions of users in danger
Personal data belonging to millions of customers of large businesses have been exposed due to a flaw in Onfido IDV....
North Korea’s Lazarus APT leverages Windows Update client, GitHub in latest campaign
This blog was authored by Ankur Saini and Hossein Jazi Lazarus Group is one of the most sophisticated North Korean...
Microsoft mitigated a 3.47 Tbps DDoS attack, the largest one to date
Microsoft announced to have mitigated a record 3.47 Tbps distributed denial of service (DDoS) attack targeting an Azure customer. Microsoft announced that...
Lockbit ransomware gang claims to have hacked Ministry of Justice of France
A few hours ago Lockbit ransomware operators announced to have stolen data from Ministry of Justice of France. The Ministry...
A new highly evasive technique used to deliver the AsyncRAT Malware
Experts spotted a sophisticated malware campaign delivering the AsyncRAT trojan since September 2021. Researchers from Morphisec spotted a sophisticated phishing...
Ransomware gangs are recruiting breached individuals to persuade companies to pay up
You’ve heard about ransomware, where attackers lock up your files and demand a payment for the decryption key. You may...
Apple fixes Mac bug that could have allowed takeover of webcams and browser tabs
A researcher has picked up a $100,500 bounty from Apple after discovering a rather nasty method of gaining control of...
Experts analyze first LockBit ransomware for Linux and VMware ESXi
LockBit expands its operations by implementing a Linux version of LockBit ransomware that targets VMware ESXi servers. LockBit is the...
Apple fixed the first two zero-day vulnerabilities of 2022
Apple released security updates to fix two zero-day flaws, one of them actively exploited to hack iPhones and Macs. Apple...
New DazzleSpy malware attacks macOS
DazzleSpy, a piece of malware that attacks macOS, was discovered last fall by researchers at ESET, and now those researchers...
German intelligence agency warns of China-linked APT27 targeting commercial organizations
The BfV German domestic intelligence services warn of ongoing attacks carried out by the China-linked APT27 cyberespionage group. The Bundesamt...
KONNI evolves into stealthier RAT
This blog post was authored by Roberto Santos KONNI is a Remote Administration Tool that has being used for at...
Senate Committee passes new antitrust bill aimed at Big Tech companies
The American Innovation and Choice Online Act (AICOA), a bill that forbids Big Tech platforms like Apple, Alphabet (Google’s parent company),...
New DeadBolt ransomware targets QNAP NAS devices
New malware is targeting targets QNAP NAS devices, it is the DeadBolt ransomware and ask 50 BTC for master key...
Google sued over deceptive location tracking
Four Attorneys General (AG) from the District of Columbia and the states of Indiana, Texas, and Washington have filed separate...
Windows Update has changed over the years. Here are 25 group policies to avoid
Microsoft has published a list of 25 group policies that administrators should not use in Windows 10 and Windows 11...
VMware urges customers to patch VMware Horizon servers against Log4j attacks
VMware released security patches to address critical Log4j security vulnerabilities in VMware Horizon servers targeted in ongoing attacks. VMware urges...
Microsoft warns of phishy OAuth apps
Microsoft is warning Office 365 users to watch out for a phishy emails asking you to install an app called Upgrade....
Cyberinsurance companies don’t want to pay out for “acts of war”
Due to the evolving and growing impact of cybersecurity incidents there are some questions starting to arise about the way...
